Bug 1155897 (CVE-2019-18683)

Summary: VUL-1: CVE-2019-18683: kernel-source: Exploitable bugs in drivers/media/platform/vivid
Product: [Novell Products] SUSE Security Incidents Reporter: Robert Frohl <rfrohl>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Minor    
Priority: P4 - Low CC: meissner, smash_bz, tiwai
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/246313/
Whiteboard: CVSSv3.1:SUSE:CVE-2019-18683:7.0:(AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Robert Frohl 2019-11-05 10:32:47 UTC
CVE-2019-18683

An issue was discovered in drivers/media/platform/vivid in the Linux kernel
through 5.3.8. It is exploitable for privilege escalation on some Linux
distributions where local users have /dev/video0 access, but only if the driver
happens to be loaded. There are multiple race conditions during streaming
stopping in this driver (part of the V4L2 subsystem). These issues are caused by
wrong mutex locking in vivid_stop_generating_vid_cap(),
vivid_stop_generating_vid_out(), sdr_cap_stop_streaming(), and the corresponding
kthreads. At least one of these race conditions leads to a use-after-free.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-18683
http://seclists.org/oss-sec/2019/q4/43
https://www.openwall.com/lists/oss-security/2019/11/02/1
http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-18683.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18683
https://lore.kernel.org/lkml/20191103221719.27118-1-alex.popov@linux.com/
Comment 1 Takashi Iwai 2019-11-08 13:35:01 UTC
The patch still doesn't appear on upstream tree, waiting for it for a while.
Comment 2 Takashi Iwai 2019-11-11 11:57:02 UTC
The fix in the subsystem tree:
6dcd5d7a7a29c1e4b8016a06aed78cd650cd8c27
    media: vivid: Fix wrong locking that causes race conditions on streaming stop

Still waiting for the merge into Linus tree, as it's a minor issue.
Comment 3 Takashi Iwai 2019-11-27 06:53:30 UTC
Backported to SLE15-SP2, SLE15 and cve/linux-4.4 branches.
The older branches don't contain this driver code.

Reassigned back to security team.
Comment 9 Swamp Workflow Management 2019-12-05 09:52:21 UTC
This is an autogenerated message for OBS integration:
This bug (1155897) was mentioned in
https://build.opensuse.org/request/show/754294 15.0 / kernel-source
Comment 11 Swamp Workflow Management 2019-12-06 15:23:55 UTC
This is an autogenerated message for OBS integration:
This bug (1155897) was mentioned in
https://build.opensuse.org/request/show/754695 15.1 / kernel-source
Comment 12 Swamp Workflow Management 2019-12-06 23:42:37 UTC
SUSE-SU-2019:3200-1: An update that solves 44 vulnerabilities and has 258 fixes is now available.

Category: security (important)
Bug References: 1046299,1046303,1046305,1048942,1050244,1050536,1050545,1051510,1054914,1055117,1055186,1061840,1064802,1065600,1065729,1066129,1071995,1073513,1082555,1082635,1083647,1086323,1087092,1089644,1090631,1091041,1093205,1096254,1097583,1097584,1097585,1097586,1097587,1097588,1098291,1101674,1103990,1103991,1104353,1104427,1104745,1104967,1106434,1108043,1108382,1109158,1109837,1111666,1112178,1112374,1113722,1113994,1114279,1117169,1117665,1118661,1119086,1119113,1119461,1119465,1120902,1122363,1123034,1123080,1123105,1126390,1127155,1127354,1127371,1127988,1131107,1131304,1131489,1133140,1134476,1134983,1135642,1135854,1135873,1135966,1135967,1136261,1137040,1137069,1137223,1137236,1137799,1137861,1137865,1137959,1137982,1138039,1138190,1138539,1139073,1140090,1140155,1140729,1140845,1140883,1141013,1141340,1141543,1141600,1142076,1142635,1142667,1142924,1143706,1144338,1144375,1144449,1144653,1144903,1145099,1145661,1146042,1146612,1146664,1148133,1148410,1148712,1148859,1148868,1149083,1149119,1149224,1149446,1149448,1149555,1149651,1149652,1149713,1149853,1149940,1149959,1149963,1149976,1150025,1150033,1150112,1150305,1150381,1150423,1150457,1150466,1150562,1150727,1150846,1150860,1150861,1150875,1150933,1151021,1151067,1151192,1151225,1151350,1151508,1151548,1151610,1151661,1151662,1151667,1151671,1151680,1151807,1151891,1151900,1151955,1152024,1152025,1152026,1152033,1152161,1152187,1152325,1152457,1152460,1152466,1152525,1152624,1152665,1152685,1152696,1152697,1152782,1152788,1152790,1152791,1152885,1152972,1152974,1152975,1153108,1153112,1153236,1153263,1153476,1153509,1153607,1153628,1153646,1153681,1153713,1153717,1153718,1153719,1153811,1153969,1154043,1154048,1154058,1154108,1154124,1154189,1154242,1154268,1154354,1154355,1154372,1154521,1154526,1154578,1154601,1154607,1154608,1154610,1154611,1154651,1154737,1154747,1154848,1154858,1154905,1154956,1154959,1155021,1155061,1155178,1155179,1155184,1155186,1155671,1155689,1155692,1155836,1155897,1155982,1156187,1156258,1156429,1156466,1156471,1156494,1156609,1156700,1156729,1156882,1156928,1157032,1157038,1157044,1157045,1157046,1157049,1157070,1157115,1157143,1157145,1157158,1157160,1157162,1157173,1157178,1157180,1157182,1157183,1157184,1157191,1157193,1157197,1157298,1157304,1157307,1157324,1157333,1157386,1157424,1157463,1157499,1157678,1157698,1157778,1157908,1158049,1158063,1158064,1158065,1158066,1158067,1158068
CVE References: CVE-2017-18595,CVE-2019-0154,CVE-2019-0155,CVE-2019-10220,CVE-2019-11135,CVE-2019-14821,CVE-2019-14835,CVE-2019-14895,CVE-2019-15030,CVE-2019-15031,CVE-2019-15916,CVE-2019-16231,CVE-2019-16233,CVE-2019-16995,CVE-2019-17055,CVE-2019-17056,CVE-2019-17666,CVE-2019-18660,CVE-2019-18683,CVE-2019-18805,CVE-2019-18809,CVE-2019-19046,CVE-2019-19049,CVE-2019-19052,CVE-2019-19056,CVE-2019-19057,CVE-2019-19058,CVE-2019-19060,CVE-2019-19062,CVE-2019-19063,CVE-2019-19065,CVE-2019-19067,CVE-2019-19068,CVE-2019-19073,CVE-2019-19074,CVE-2019-19075,CVE-2019-19078,CVE-2019-19080,CVE-2019-19081,CVE-2019-19082,CVE-2019-19083,CVE-2019-19227,CVE-2019-9456,CVE-2019-9506
Sources used:
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.7.1, kgraft-patch-SLE12-SP5_Update_1-1-8.7.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 13 Swamp Workflow Management 2019-12-07 00:19:51 UTC
SUSE-SU-2019:3200-1: An update that solves 44 vulnerabilities and has 258 fixes is now available.

Category: security (important)
Bug References: 1046299,1046303,1046305,1048942,1050244,1050536,1050545,1051510,1054914,1055117,1055186,1061840,1064802,1065600,1065729,1066129,1071995,1073513,1082555,1082635,1083647,1086323,1087092,1089644,1090631,1091041,1093205,1096254,1097583,1097584,1097585,1097586,1097587,1097588,1098291,1101674,1103990,1103991,1104353,1104427,1104745,1104967,1106434,1108043,1108382,1109158,1109837,1111666,1112178,1112374,1113722,1113994,1114279,1117169,1117665,1118661,1119086,1119113,1119461,1119465,1120902,1122363,1123034,1123080,1123105,1126390,1127155,1127354,1127371,1127988,1131107,1131304,1131489,1133140,1134476,1134983,1135642,1135854,1135873,1135966,1135967,1136261,1137040,1137069,1137223,1137236,1137799,1137861,1137865,1137959,1137982,1138039,1138190,1138539,1139073,1140090,1140155,1140729,1140845,1140883,1141013,1141340,1141543,1141600,1142076,1142635,1142667,1142924,1143706,1144338,1144375,1144449,1144653,1144903,1145099,1145661,1146042,1146612,1146664,1148133,1148410,1148712,1148859,1148868,1149083,1149119,1149224,1149446,1149448,1149555,1149651,1149652,1149713,1149853,1149940,1149959,1149963,1149976,1150025,1150033,1150112,1150305,1150381,1150423,1150457,1150466,1150562,1150727,1150846,1150860,1150861,1150875,1150933,1151021,1151067,1151192,1151225,1151350,1151508,1151548,1151610,1151661,1151662,1151667,1151671,1151680,1151807,1151891,1151900,1151955,1152024,1152025,1152026,1152033,1152161,1152187,1152325,1152457,1152460,1152466,1152525,1152624,1152665,1152685,1152696,1152697,1152782,1152788,1152790,1152791,1152885,1152972,1152974,1152975,1153108,1153112,1153236,1153263,1153476,1153509,1153607,1153628,1153646,1153681,1153713,1153717,1153718,1153719,1153811,1153969,1154043,1154048,1154058,1154108,1154124,1154189,1154242,1154268,1154354,1154355,1154372,1154521,1154526,1154578,1154601,1154607,1154608,1154610,1154611,1154651,1154737,1154747,1154848,1154858,1154905,1154956,1154959,1155021,1155061,1155178,1155179,1155184,1155186,1155671,1155689,1155692,1155836,1155897,1155982,1156187,1156258,1156429,1156466,1156471,1156494,1156609,1156700,1156729,1156882,1156928,1157032,1157038,1157044,1157045,1157046,1157049,1157070,1157115,1157143,1157145,1157158,1157160,1157162,1157173,1157178,1157180,1157182,1157183,1157184,1157191,1157193,1157197,1157298,1157304,1157307,1157324,1157333,1157386,1157424,1157463,1157499,1157678,1157698,1157778,1157908,1158049,1158063,1158064,1158065,1158066,1158067,1158068
CVE References: CVE-2017-18595,CVE-2019-0154,CVE-2019-0155,CVE-2019-10220,CVE-2019-11135,CVE-2019-14821,CVE-2019-14835,CVE-2019-14895,CVE-2019-15030,CVE-2019-15031,CVE-2019-15916,CVE-2019-16231,CVE-2019-16233,CVE-2019-16995,CVE-2019-17055,CVE-2019-17056,CVE-2019-17666,CVE-2019-18660,CVE-2019-18683,CVE-2019-18805,CVE-2019-18809,CVE-2019-19046,CVE-2019-19049,CVE-2019-19052,CVE-2019-19056,CVE-2019-19057,CVE-2019-19058,CVE-2019-19060,CVE-2019-19062,CVE-2019-19063,CVE-2019-19065,CVE-2019-19067,CVE-2019-19068,CVE-2019-19073,CVE-2019-19074,CVE-2019-19075,CVE-2019-19078,CVE-2019-19080,CVE-2019-19081,CVE-2019-19082,CVE-2019-19083,CVE-2019-19227,CVE-2019-9456,CVE-2019-9506
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    kernel-default-4.12.14-122.7.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    kernel-docs-4.12.14-122.7.1, kernel-obs-build-4.12.14-122.7.1
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-default-4.12.14-122.7.1, kernel-source-4.12.14-122.7.1, kernel-syms-4.12.14-122.7.1
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.7.1, kgraft-patch-SLE12-SP5_Update_1-1-8.7.1
SUSE Linux Enterprise High Availability 12-SP5 (src):    kernel-default-4.12.14-122.7.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 17 Swamp Workflow Management 2019-12-12 14:18:50 UTC
openSUSE-SU-2019:2675-1: An update that solves 38 vulnerabilities and has 92 fixes is now available.

Category: security (important)
Bug References: 1051510,1071995,1078248,1089644,1091041,1103990,1103991,1104353,1104427,1104745,1108043,1109837,1111666,1112178,1112374,1113722,1113956,1113994,1114279,1117169,1118661,1119113,1120853,1126390,1127354,1127371,1129770,1131107,1134983,1137223,1137236,1138039,1140948,1141054,1142095,1142635,1142924,1144333,1146519,1146544,1149448,1151067,1151548,1151900,1153628,1153811,1154043,1154058,1154355,1154601,1155689,1155897,1155921,1156258,1156466,1156471,1156494,1156609,1156700,1156729,1156882,1156928,1157032,1157038,1157042,1157044,1157045,1157046,1157049,1157070,1157115,1157143,1157145,1157158,1157160,1157162,1157171,1157173,1157178,1157180,1157182,1157183,1157184,1157191,1157193,1157197,1157298,1157304,1157307,1157324,1157333,1157386,1157424,1157463,1157499,1157678,1157698,1157778,1157908,1158049,1158063,1158064,1158065,1158066,1158067,1158068,1158071,1158082,1158381,1158394,1158398,1158407,1158410,1158413,1158417,1158427,1158445,1158637,1158638,1158639,1158640,1158641,1158643,1158644,1158645,1158646,1158647,1158649,1158651,1158652
CVE References: CVE-2019-14895,CVE-2019-14901,CVE-2019-15213,CVE-2019-15916,CVE-2019-18660,CVE-2019-18683,CVE-2019-18809,CVE-2019-19046,CVE-2019-19049,CVE-2019-19052,CVE-2019-19056,CVE-2019-19057,CVE-2019-19058,CVE-2019-19060,CVE-2019-19062,CVE-2019-19063,CVE-2019-19065,CVE-2019-19067,CVE-2019-19068,CVE-2019-19073,CVE-2019-19074,CVE-2019-19075,CVE-2019-19077,CVE-2019-19078,CVE-2019-19080,CVE-2019-19081,CVE-2019-19082,CVE-2019-19083,CVE-2019-19227,CVE-2019-19524,CVE-2019-19525,CVE-2019-19528,CVE-2019-19529,CVE-2019-19530,CVE-2019-19531,CVE-2019-19534,CVE-2019-19536,CVE-2019-19543
Sources used:
openSUSE Leap 15.1 (src):    kernel-debug-4.12.14-lp151.28.36.1, kernel-default-4.12.14-lp151.28.36.1, kernel-docs-4.12.14-lp151.28.36.1, kernel-kvmsmall-4.12.14-lp151.28.36.1, kernel-obs-build-4.12.14-lp151.28.36.1, kernel-obs-qa-4.12.14-lp151.28.36.1, kernel-source-4.12.14-lp151.28.36.1, kernel-syms-4.12.14-lp151.28.36.1, kernel-vanilla-4.12.14-lp151.28.36.1
Comment 18 Swamp Workflow Management 2019-12-12 20:18:27 UTC
SUSE-SU-2019:3289-1: An update that solves 34 vulnerabilities and has 56 fixes is now available.

Category: security (important)
Bug References: 1048942,1051510,1071995,1078248,1082635,1089644,1091041,1108043,1113722,1114279,1117169,1120853,1131107,1135966,1135967,1138039,1140948,1141054,1142095,1143706,1144333,1149448,1150466,1151548,1151900,1153628,1153811,1154043,1154058,1154124,1154355,1154526,1155021,1155689,1155897,1155921,1156258,1156429,1156466,1156471,1156494,1156609,1156700,1156729,1156882,1157038,1157042,1157070,1157143,1157145,1157158,1157162,1157171,1157173,1157178,1157180,1157182,1157183,1157184,1157191,1157193,1157197,1157298,1157307,1157324,1157333,1157424,1157463,1157499,1157678,1157698,1157778,1157908,1158049,1158063,1158064,1158065,1158066,1158067,1158068,1158082,1158381,1158394,1158398,1158407,1158410,1158413,1158417,1158427,1158445
CVE References: CVE-2019-0154,CVE-2019-0155,CVE-2019-14895,CVE-2019-14901,CVE-2019-15916,CVE-2019-16231,CVE-2019-18660,CVE-2019-18683,CVE-2019-18809,CVE-2019-19049,CVE-2019-19052,CVE-2019-19056,CVE-2019-19057,CVE-2019-19058,CVE-2019-19060,CVE-2019-19062,CVE-2019-19063,CVE-2019-19065,CVE-2019-19067,CVE-2019-19068,CVE-2019-19073,CVE-2019-19074,CVE-2019-19075,CVE-2019-19077,CVE-2019-19227,CVE-2019-19524,CVE-2019-19525,CVE-2019-19528,CVE-2019-19529,CVE-2019-19530,CVE-2019-19531,CVE-2019-19534,CVE-2019-19536,CVE-2019-19543
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15 (src):    kernel-azure-4.12.14-5.47.1, kernel-source-azure-4.12.14-5.47.1, kernel-syms-azure-4.12.14-5.47.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 22 Swamp Workflow Management 2019-12-17 17:20:40 UTC
SUSE-SU-2019:3317-1: An update that solves 41 vulnerabilities and has 88 fixes is now available.

Category: security (important)
Bug References: 1048942,1051510,1071995,1078248,1082635,1089644,1091041,1103990,1103991,1104353,1104427,1104745,1108043,1109837,1111666,1112178,1112374,1113722,1113956,1113994,1114279,1117169,1118661,1119113,1120853,1126390,1127354,1127371,1129770,1131107,1134983,1135966,1135967,1137223,1137236,1138039,1140948,1142095,1142635,1142924,1143706,1144333,1149448,1150466,1151067,1151548,1151900,1152782,1153628,1153811,1154043,1154058,1154124,1154355,1154526,1154601,1155021,1155689,1155692,1155836,1155897,1155921,1155982,1156187,1156258,1156429,1156466,1156471,1156494,1156609,1156700,1156729,1156882,1156928,1157032,1157038,1157042,1157044,1157045,1157046,1157049,1157070,1157115,1157143,1157145,1157158,1157160,1157162,1157171,1157173,1157178,1157180,1157182,1157183,1157184,1157191,1157193,1157197,1157298,1157304,1157307,1157324,1157333,1157386,1157424,1157463,1157499,1157678,1157698,1157778,1157908,1158049,1158063,1158064,1158065,1158066,1158067,1158068,1158071,1158082,1158381,1158394,1158398,1158407,1158410,1158413,1158417,1158427,1158445
CVE References: CVE-2019-0154,CVE-2019-14895,CVE-2019-14901,CVE-2019-15916,CVE-2019-16231,CVE-2019-17055,CVE-2019-18660,CVE-2019-18683,CVE-2019-18805,CVE-2019-18809,CVE-2019-19046,CVE-2019-19049,CVE-2019-19052,CVE-2019-19056,CVE-2019-19057,CVE-2019-19058,CVE-2019-19060,CVE-2019-19062,CVE-2019-19063,CVE-2019-19065,CVE-2019-19067,CVE-2019-19068,CVE-2019-19073,CVE-2019-19074,CVE-2019-19075,CVE-2019-19077,CVE-2019-19078,CVE-2019-19080,CVE-2019-19081,CVE-2019-19082,CVE-2019-19083,CVE-2019-19227,CVE-2019-19524,CVE-2019-19525,CVE-2019-19528,CVE-2019-19529,CVE-2019-19530,CVE-2019-19531,CVE-2019-19534,CVE-2019-19536,CVE-2019-19543
Sources used:
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-197.29.1, kernel-livepatch-SLE15-SP1_Update_8-1-3.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 23 Swamp Workflow Management 2019-12-17 17:34:06 UTC
SUSE-SU-2019:3316-1: An update that solves 44 vulnerabilities and has 76 fixes is now available.

Category: security (important)
Bug References: 1048942,1051510,1071995,1078248,1082635,1083647,1089644,1090888,1091041,1108043,1113722,1114279,1115026,1117169,1120853,1131107,1135966,1138039,1140948,1142095,1143706,1144333,1146519,1146544,1149448,1150466,1151548,1151900,1152631,1153628,1153811,1154043,1154058,1154124,1154355,1154526,1155021,1155689,1155897,1155921,1156258,1156429,1156466,1156471,1156494,1156609,1156700,1156729,1156882,1157038,1157042,1157070,1157143,1157145,1157158,1157162,1157169,1157171,1157173,1157178,1157180,1157182,1157183,1157184,1157191,1157193,1157197,1157298,1157307,1157324,1157333,1157424,1157463,1157499,1157678,1157698,1157778,1157908,1158049,1158063,1158064,1158065,1158066,1158067,1158068,1158082,1158094,1158132,1158381,1158394,1158398,1158407,1158410,1158413,1158417,1158427,1158445,1158637,1158638,1158639,1158640,1158641,1158643,1158644,1158645,1158646,1158647,1158649,1158651,1158652,1158823,1158824,1158827,1158834,1158893,1158900,1158903,1158904,1158954,1159024
CVE References: CVE-2019-0154,CVE-2019-14895,CVE-2019-14901,CVE-2019-15213,CVE-2019-15916,CVE-2019-16231,CVE-2019-18660,CVE-2019-18683,CVE-2019-18809,CVE-2019-19049,CVE-2019-19051,CVE-2019-19052,CVE-2019-19056,CVE-2019-19057,CVE-2019-19058,CVE-2019-19060,CVE-2019-19062,CVE-2019-19063,CVE-2019-19065,CVE-2019-19067,CVE-2019-19068,CVE-2019-19073,CVE-2019-19074,CVE-2019-19075,CVE-2019-19077,CVE-2019-19227,CVE-2019-19332,CVE-2019-19338,CVE-2019-19523,CVE-2019-19524,CVE-2019-19525,CVE-2019-19526,CVE-2019-19527,CVE-2019-19528,CVE-2019-19529,CVE-2019-19530,CVE-2019-19531,CVE-2019-19532,CVE-2019-19533,CVE-2019-19534,CVE-2019-19535,CVE-2019-19536,CVE-2019-19537,CVE-2019-19543
Sources used:
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-azure-4.12.14-6.34.1, kernel-source-azure-4.12.14-6.34.1, kernel-syms-azure-4.12.14-6.34.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 24 Swamp Workflow Management 2019-12-17 17:59:50 UTC
SUSE-SU-2019:3317-1: An update that solves 41 vulnerabilities and has 88 fixes is now available.

Category: security (important)
Bug References: 1048942,1051510,1071995,1078248,1082635,1089644,1091041,1103990,1103991,1104353,1104427,1104745,1108043,1109837,1111666,1112178,1112374,1113722,1113956,1113994,1114279,1117169,1118661,1119113,1120853,1126390,1127354,1127371,1129770,1131107,1134983,1135966,1135967,1137223,1137236,1138039,1140948,1142095,1142635,1142924,1143706,1144333,1149448,1150466,1151067,1151548,1151900,1152782,1153628,1153811,1154043,1154058,1154124,1154355,1154526,1154601,1155021,1155689,1155692,1155836,1155897,1155921,1155982,1156187,1156258,1156429,1156466,1156471,1156494,1156609,1156700,1156729,1156882,1156928,1157032,1157038,1157042,1157044,1157045,1157046,1157049,1157070,1157115,1157143,1157145,1157158,1157160,1157162,1157171,1157173,1157178,1157180,1157182,1157183,1157184,1157191,1157193,1157197,1157298,1157304,1157307,1157324,1157333,1157386,1157424,1157463,1157499,1157678,1157698,1157778,1157908,1158049,1158063,1158064,1158065,1158066,1158067,1158068,1158071,1158082,1158381,1158394,1158398,1158407,1158410,1158413,1158417,1158427,1158445
CVE References: CVE-2019-0154,CVE-2019-14895,CVE-2019-14901,CVE-2019-15916,CVE-2019-16231,CVE-2019-17055,CVE-2019-18660,CVE-2019-18683,CVE-2019-18805,CVE-2019-18809,CVE-2019-19046,CVE-2019-19049,CVE-2019-19052,CVE-2019-19056,CVE-2019-19057,CVE-2019-19058,CVE-2019-19060,CVE-2019-19062,CVE-2019-19063,CVE-2019-19065,CVE-2019-19067,CVE-2019-19068,CVE-2019-19073,CVE-2019-19074,CVE-2019-19075,CVE-2019-19077,CVE-2019-19078,CVE-2019-19080,CVE-2019-19081,CVE-2019-19082,CVE-2019-19083,CVE-2019-19227,CVE-2019-19524,CVE-2019-19525,CVE-2019-19528,CVE-2019-19529,CVE-2019-19530,CVE-2019-19531,CVE-2019-19534,CVE-2019-19536,CVE-2019-19543
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP1 (src):    kernel-default-4.12.14-197.29.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    kernel-debug-4.12.14-197.29.1, kernel-default-4.12.14-197.29.1, kernel-docs-4.12.14-197.29.2, kernel-kvmsmall-4.12.14-197.29.1, kernel-obs-qa-4.12.14-197.29.1, kernel-source-4.12.14-197.29.1, kernel-vanilla-4.12.14-197.29.1, kernel-zfcpdump-4.12.14-197.29.1
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-197.29.1, kernel-livepatch-SLE15-SP1_Update_8-1-3.3.1
SUSE Linux Enterprise Module for Legacy Software 15-SP1 (src):    kernel-default-4.12.14-197.29.1
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    kernel-docs-4.12.14-197.29.2, kernel-obs-build-4.12.14-197.29.1, kernel-source-4.12.14-197.29.1, kernel-syms-4.12.14-197.29.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    kernel-default-4.12.14-197.29.1, kernel-source-4.12.14-197.29.1, kernel-zfcpdump-4.12.14-197.29.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.29.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 28 Swamp Workflow Management 2019-12-20 11:16:38 UTC
SUSE-SU-2019:3371-1: An update that solves 24 vulnerabilities and has 58 fixes is now available.

Category: security (important)
Bug References: 1048942,1051510,1078248,1082635,1089644,1091041,1108043,1113722,1114279,1117169,1131107,1138039,1140948,1143706,1144333,1149448,1150466,1151548,1151900,1152782,1153628,1153681,1153811,1154043,1154058,1154124,1154355,1154526,1154956,1155021,1155689,1155692,1155836,1155897,1155921,1155982,1156187,1156258,1156429,1156466,1156471,1156494,1156609,1156700,1156729,1156882,1157038,1157042,1157070,1157143,1157145,1157158,1157162,1157171,1157173,1157178,1157180,1157182,1157183,1157184,1157191,1157193,1157197,1157298,1157307,1157324,1157333,1157424,1157463,1157499,1157678,1157698,1157778,1157908,1158049,1158063,1158064,1158065,1158066,1158067,1158068,1158082
CVE References: CVE-2019-14895,CVE-2019-15916,CVE-2019-16231,CVE-2019-17055,CVE-2019-18660,CVE-2019-18683,CVE-2019-18805,CVE-2019-18809,CVE-2019-19049,CVE-2019-19052,CVE-2019-19056,CVE-2019-19057,CVE-2019-19058,CVE-2019-19060,CVE-2019-19062,CVE-2019-19063,CVE-2019-19065,CVE-2019-19067,CVE-2019-19068,CVE-2019-19073,CVE-2019-19074,CVE-2019-19075,CVE-2019-19077,CVE-2019-19227
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP4 (src):    kernel-default-4.12.14-95.45.1
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    kernel-docs-4.12.14-95.45.1, kernel-obs-build-4.12.14-95.45.1
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-default-4.12.14-95.45.1, kernel-source-4.12.14-95.45.1, kernel-syms-4.12.14-95.45.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.45.1
SUSE Linux Enterprise Desktop 12-SP4 (src):    kernel-default-4.12.14-95.45.1, kernel-source-4.12.14-95.45.1, kernel-syms-4.12.14-95.45.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 29 Swamp Workflow Management 2019-12-20 11:26:47 UTC
SUSE-SU-2019:3371-1: An update that solves 24 vulnerabilities and has 58 fixes is now available.

Category: security (important)
Bug References: 1048942,1051510,1078248,1082635,1089644,1091041,1108043,1113722,1114279,1117169,1131107,1138039,1140948,1143706,1144333,1149448,1150466,1151548,1151900,1152782,1153628,1153681,1153811,1154043,1154058,1154124,1154355,1154526,1154956,1155021,1155689,1155692,1155836,1155897,1155921,1155982,1156187,1156258,1156429,1156466,1156471,1156494,1156609,1156700,1156729,1156882,1157038,1157042,1157070,1157143,1157145,1157158,1157162,1157171,1157173,1157178,1157180,1157182,1157183,1157184,1157191,1157193,1157197,1157298,1157307,1157324,1157333,1157424,1157463,1157499,1157678,1157698,1157778,1157908,1158049,1158063,1158064,1158065,1158066,1158067,1158068,1158082
CVE References: CVE-2019-14895,CVE-2019-15916,CVE-2019-16231,CVE-2019-17055,CVE-2019-18660,CVE-2019-18683,CVE-2019-18805,CVE-2019-18809,CVE-2019-19049,CVE-2019-19052,CVE-2019-19056,CVE-2019-19057,CVE-2019-19058,CVE-2019-19060,CVE-2019-19062,CVE-2019-19063,CVE-2019-19065,CVE-2019-19067,CVE-2019-19068,CVE-2019-19073,CVE-2019-19074,CVE-2019-19075,CVE-2019-19077,CVE-2019-19227
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP4 (src):    kernel-default-4.12.14-95.45.1
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    kernel-docs-4.12.14-95.45.1, kernel-obs-build-4.12.14-95.45.1
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-default-4.12.14-95.45.1, kernel-source-4.12.14-95.45.1, kernel-syms-4.12.14-95.45.1
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kernel-default-4.12.14-95.45.1, kgraft-patch-SLE12-SP4_Update_11-1-6.5.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.45.1
SUSE Linux Enterprise Desktop 12-SP4 (src):    kernel-default-4.12.14-95.45.1, kernel-source-4.12.14-95.45.1, kernel-syms-4.12.14-95.45.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 30 Swamp Workflow Management 2019-12-20 11:40:00 UTC
SUSE-SU-2019:3372-1: An update that solves 42 vulnerabilities and has 100 fixes is now available.

Category: security (important)
Bug References: 1048942,1051510,1071995,1078248,1082635,1089644,1091041,1103990,1103991,1104353,1104427,1104745,1108043,1109837,1111666,1112178,1112374,1113722,1113956,1113994,1114279,1117169,1118661,1119113,1120853,1126390,1127354,1127371,1129770,1131107,1134983,1135966,1135967,1137223,1137236,1138039,1140948,1142095,1142635,1142924,1143706,1144333,1146544,1149448,1150466,1151067,1151548,1151900,1152782,1153628,1153811,1154043,1154058,1154124,1154355,1154526,1154601,1155021,1155689,1155692,1155836,1155897,1155921,1156187,1156258,1156429,1156466,1156471,1156494,1156609,1156700,1156729,1156882,1156928,1157032,1157038,1157042,1157044,1157045,1157046,1157049,1157070,1157115,1157143,1157145,1157158,1157160,1157162,1157171,1157173,1157178,1157180,1157182,1157183,1157184,1157191,1157193,1157197,1157298,1157304,1157307,1157324,1157333,1157386,1157424,1157463,1157499,1157678,1157698,1157778,1157908,1158049,1158063,1158064,1158065,1158066,1158067,1158068,1158071,1158082,1158381,1158394,1158398,1158407,1158410,1158413,1158417,1158427,1158445,1158637,1158638,1158639,1158640,1158641,1158643,1158644,1158645,1158646,1158647,1158649,1158651,1158652
CVE References: CVE-2019-0154,CVE-2019-14895,CVE-2019-14901,CVE-2019-15213,CVE-2019-15916,CVE-2019-16231,CVE-2019-17055,CVE-2019-18660,CVE-2019-18683,CVE-2019-18805,CVE-2019-18809,CVE-2019-19046,CVE-2019-19049,CVE-2019-19052,CVE-2019-19056,CVE-2019-19057,CVE-2019-19058,CVE-2019-19060,CVE-2019-19062,CVE-2019-19063,CVE-2019-19065,CVE-2019-19067,CVE-2019-19068,CVE-2019-19073,CVE-2019-19074,CVE-2019-19075,CVE-2019-19077,CVE-2019-19078,CVE-2019-19080,CVE-2019-19081,CVE-2019-19082,CVE-2019-19083,CVE-2019-19227,CVE-2019-19524,CVE-2019-19525,CVE-2019-19528,CVE-2019-19529,CVE-2019-19530,CVE-2019-19531,CVE-2019-19534,CVE-2019-19536,CVE-2019-19543
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP1 (src):    kernel-azure-4.12.14-8.22.1, kernel-source-azure-4.12.14-8.22.1, kernel-syms-azure-4.12.14-8.22.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 31 Swamp Workflow Management 2019-12-21 14:12:57 UTC
SUSE-SU-2019:3379-1: An update that solves 26 vulnerabilities and has 14 fixes is now available.

Category: security (important)
Bug References: 1091041,1119461,1119465,1131107,1138190,1146544,1146612,1150466,1150483,1152631,1153811,1154905,1155689,1155897,1155898,1156187,1157038,1157042,1157070,1157143,1157158,1157191,1157324,1157333,1157464,1158132,1158394,1158398,1158410,1158413,1158417,1158445,1158823,1158824,1158827,1158834,1158900,1158903,1158904,1158954
CVE References: CVE-2019-14895,CVE-2019-15213,CVE-2019-16231,CVE-2019-18660,CVE-2019-18680,CVE-2019-18683,CVE-2019-18805,CVE-2019-19052,CVE-2019-19062,CVE-2019-19065,CVE-2019-19073,CVE-2019-19074,CVE-2019-19332,CVE-2019-19338,CVE-2019-19523,CVE-2019-19524,CVE-2019-19525,CVE-2019-19527,CVE-2019-19530,CVE-2019-19531,CVE-2019-19532,CVE-2019-19533,CVE-2019-19534,CVE-2019-19535,CVE-2019-19536,CVE-2019-19537
Sources used:
SUSE OpenStack Cloud Crowbar 8 (src):    kernel-default-4.4.180-94.113.1, kernel-source-4.4.180-94.113.1, kernel-syms-4.4.180-94.113.1, kgraft-patch-SLE12-SP3_Update_30-1-4.5.1
SUSE OpenStack Cloud 8 (src):    kernel-default-4.4.180-94.113.1, kernel-source-4.4.180-94.113.1, kernel-syms-4.4.180-94.113.1, kgraft-patch-SLE12-SP3_Update_30-1-4.5.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    kernel-default-4.4.180-94.113.1, kernel-source-4.4.180-94.113.1, kernel-syms-4.4.180-94.113.1, kgraft-patch-SLE12-SP3_Update_30-1-4.5.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    kernel-default-4.4.180-94.113.1, kernel-source-4.4.180-94.113.1, kernel-syms-4.4.180-94.113.1, kgraft-patch-SLE12-SP3_Update_30-1-4.5.1
SUSE Linux Enterprise Server 12-SP3-BCL (src):    kernel-default-4.4.180-94.113.1, kernel-source-4.4.180-94.113.1, kernel-syms-4.4.180-94.113.1
SUSE Linux Enterprise High Availability 12-SP3 (src):    kernel-default-4.4.180-94.113.1
SUSE Enterprise Storage 5 (src):    kernel-default-4.4.180-94.113.1, kernel-source-4.4.180-94.113.1, kernel-syms-4.4.180-94.113.1, kgraft-patch-SLE12-SP3_Update_30-1-4.5.1
SUSE CaaS Platform 3.0 (src):    kernel-default-4.4.180-94.113.1
HPE Helion Openstack 8 (src):    kernel-default-4.4.180-94.113.1, kernel-source-4.4.180-94.113.1, kernel-syms-4.4.180-94.113.1, kgraft-patch-SLE12-SP3_Update_30-1-4.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 32 Swamp Workflow Management 2019-12-23 14:19:01 UTC
SUSE-SU-2019:3381-1: An update that solves 48 vulnerabilities and has 90 fixes is now available.

Category: security (important)
Bug References: 1046303,1048942,1051510,1065600,1071995,1078248,1082635,1083647,1089644,1090888,1091041,1104427,1108043,1113722,1114279,1115026,1117169,1120853,1127371,1131107,1138039,1140948,1142095,1143706,1143959,1144333,1146519,1146544,1149448,1150466,1151548,1151900,1152631,1152782,1153628,1153681,1153811,1154043,1154058,1154124,1154355,1154526,1154956,1155021,1155331,1155334,1155689,1155692,1155836,1155897,1155921,1156187,1156258,1156259,1156429,1156462,1156466,1156471,1156494,1156609,1156700,1156729,1156882,1157038,1157042,1157070,1157143,1157145,1157158,1157162,1157169,1157171,1157173,1157178,1157180,1157182,1157183,1157184,1157191,1157193,1157197,1157298,1157303,1157307,1157324,1157333,1157424,1157463,1157499,1157678,1157698,1157778,1157853,1157908,1158049,1158063,1158064,1158065,1158066,1158067,1158068,1158082,1158094,1158132,1158381,1158394,1158398,1158407,1158410,1158413,1158417,1158427,1158445,1158533,1158637,1158638,1158639,1158640,1158641,1158643,1158644,1158645,1158646,1158647,1158649,1158651,1158652,1158823,1158824,1158827,1158834,1158893,1158900,1158903,1158904,1158954,1159024,1159297
CVE References: CVE-2019-14895,CVE-2019-14901,CVE-2019-15213,CVE-2019-15916,CVE-2019-16231,CVE-2019-17055,CVE-2019-18660,CVE-2019-18683,CVE-2019-18805,CVE-2019-18808,CVE-2019-18809,CVE-2019-19049,CVE-2019-19051,CVE-2019-19052,CVE-2019-19056,CVE-2019-19057,CVE-2019-19058,CVE-2019-19060,CVE-2019-19062,CVE-2019-19063,CVE-2019-19065,CVE-2019-19066,CVE-2019-19067,CVE-2019-19068,CVE-2019-19073,CVE-2019-19074,CVE-2019-19075,CVE-2019-19077,CVE-2019-19227,CVE-2019-19332,CVE-2019-19338,CVE-2019-19523,CVE-2019-19524,CVE-2019-19525,CVE-2019-19526,CVE-2019-19527,CVE-2019-19528,CVE-2019-19529,CVE-2019-19530,CVE-2019-19531,CVE-2019-19532,CVE-2019-19533,CVE-2019-19534,CVE-2019-19535,CVE-2019-19536,CVE-2019-19537,CVE-2019-19543,CVE-2019-19767
Sources used:
SUSE Linux Enterprise Workstation Extension 15 (src):    kernel-default-4.12.14-150.47.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src):    kernel-default-4.12.14-150.47.1, kernel-docs-4.12.14-150.47.1, kernel-obs-qa-4.12.14-150.47.1
SUSE Linux Enterprise Module for Legacy Software 15 (src):    kernel-default-4.12.14-150.47.1
SUSE Linux Enterprise Module for Development Tools 15 (src):    kernel-docs-4.12.14-150.47.1, kernel-obs-build-4.12.14-150.47.1, kernel-source-4.12.14-150.47.1, kernel-syms-4.12.14-150.47.1, kernel-vanilla-4.12.14-150.47.1
SUSE Linux Enterprise Module for Basesystem 15 (src):    kernel-default-4.12.14-150.47.1, kernel-source-4.12.14-150.47.1, kernel-zfcpdump-4.12.14-150.47.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.47.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 33 Swamp Workflow Management 2019-12-23 14:35:44 UTC
SUSE-SU-2019:3381-1: An update that solves 48 vulnerabilities and has 90 fixes is now available.

Category: security (important)
Bug References: 1046303,1048942,1051510,1065600,1071995,1078248,1082635,1083647,1089644,1090888,1091041,1104427,1108043,1113722,1114279,1115026,1117169,1120853,1127371,1131107,1138039,1140948,1142095,1143706,1143959,1144333,1146519,1146544,1149448,1150466,1151548,1151900,1152631,1152782,1153628,1153681,1153811,1154043,1154058,1154124,1154355,1154526,1154956,1155021,1155331,1155334,1155689,1155692,1155836,1155897,1155921,1156187,1156258,1156259,1156429,1156462,1156466,1156471,1156494,1156609,1156700,1156729,1156882,1157038,1157042,1157070,1157143,1157145,1157158,1157162,1157169,1157171,1157173,1157178,1157180,1157182,1157183,1157184,1157191,1157193,1157197,1157298,1157303,1157307,1157324,1157333,1157424,1157463,1157499,1157678,1157698,1157778,1157853,1157908,1158049,1158063,1158064,1158065,1158066,1158067,1158068,1158082,1158094,1158132,1158381,1158394,1158398,1158407,1158410,1158413,1158417,1158427,1158445,1158533,1158637,1158638,1158639,1158640,1158641,1158643,1158644,1158645,1158646,1158647,1158649,1158651,1158652,1158823,1158824,1158827,1158834,1158893,1158900,1158903,1158904,1158954,1159024,1159297
CVE References: CVE-2019-14895,CVE-2019-14901,CVE-2019-15213,CVE-2019-15916,CVE-2019-16231,CVE-2019-17055,CVE-2019-18660,CVE-2019-18683,CVE-2019-18805,CVE-2019-18808,CVE-2019-18809,CVE-2019-19049,CVE-2019-19051,CVE-2019-19052,CVE-2019-19056,CVE-2019-19057,CVE-2019-19058,CVE-2019-19060,CVE-2019-19062,CVE-2019-19063,CVE-2019-19065,CVE-2019-19066,CVE-2019-19067,CVE-2019-19068,CVE-2019-19073,CVE-2019-19074,CVE-2019-19075,CVE-2019-19077,CVE-2019-19227,CVE-2019-19332,CVE-2019-19338,CVE-2019-19523,CVE-2019-19524,CVE-2019-19525,CVE-2019-19526,CVE-2019-19527,CVE-2019-19528,CVE-2019-19529,CVE-2019-19530,CVE-2019-19531,CVE-2019-19532,CVE-2019-19533,CVE-2019-19534,CVE-2019-19535,CVE-2019-19536,CVE-2019-19537,CVE-2019-19543,CVE-2019-19767
Sources used:
SUSE Linux Enterprise Workstation Extension 15 (src):    kernel-default-4.12.14-150.47.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src):    kernel-default-4.12.14-150.47.1, kernel-docs-4.12.14-150.47.1, kernel-obs-qa-4.12.14-150.47.1
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150.47.1, kernel-livepatch-SLE15_Update_17-1-1.3.2
SUSE Linux Enterprise Module for Legacy Software 15 (src):    kernel-default-4.12.14-150.47.1
SUSE Linux Enterprise Module for Development Tools 15 (src):    kernel-docs-4.12.14-150.47.1, kernel-obs-build-4.12.14-150.47.1, kernel-source-4.12.14-150.47.1, kernel-syms-4.12.14-150.47.1, kernel-vanilla-4.12.14-150.47.1
SUSE Linux Enterprise Module for Basesystem 15 (src):    kernel-default-4.12.14-150.47.1, kernel-source-4.12.14-150.47.1, kernel-zfcpdump-4.12.14-150.47.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.47.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 35 Swamp Workflow Management 2020-01-14 14:47:00 UTC
SUSE-SU-2020:0093-1: An update that solves 80 vulnerabilities and has 310 fixes is now available.

Category: security (important)
Bug References: 1046299,1046303,1046305,1048942,1050244,1050536,1050545,1051510,1055117,1055186,1061840,1064802,1065600,1065729,1066129,1071995,1073513,1078248,1082555,1082635,1083647,1086323,1087092,1089644,1090631,1090888,1091041,1093205,1096254,1097583,1097584,1097585,1097586,1097587,1097588,1098291,1101674,1103989,1103990,1103991,1104353,1104427,1104745,1104967,1106434,1108043,1108382,1109158,1109837,1111666,1112178,1112374,1113722,1113956,1113994,1114279,1115026,1117169,1117665,1118661,1119086,1119113,1119461,1119465,1120853,1120902,1122363,1123034,1123080,1123105,1126206,1126390,1127155,1127354,1127371,1127611,1127988,1129770,1131107,1131304,1131489,1133140,1134476,1134973,1134983,1135642,1135854,1135873,1135966,1135967,1136261,1137040,1137069,1137223,1137236,1137799,1137861,1137865,1137959,1137982,1138039,1138190,1139073,1140090,1140155,1140729,1140845,1140883,1140948,1141013,1141340,1141543,1142076,1142095,1142635,1142667,1142924,1143706,1143959,1144333,1144338,1144375,1144449,1144653,1144903,1145099,1145661,1146042,1146519,1146544,1146612,1146664,1148133,1148410,1148712,1148859,1148868,1149083,1149119,1149224,1149446,1149448,1149555,1149652,1149713,1149853,1149940,1149959,1149963,1149976,1150025,1150033,1150112,1150305,1150381,1150423,1150452,1150457,1150465,1150466,1150562,1150727,1150846,1150860,1150861,1150875,1150933,1151021,1151067,1151192,1151225,1151350,1151508,1151548,1151610,1151661,1151662,1151667,1151671,1151680,1151807,1151891,1151900,1151910,1151955,1152024,1152025,1152026,1152033,1152107,1152161,1152187,1152325,1152446,1152457,1152460,1152466,1152497,1152505,1152506,1152525,1152624,1152631,1152665,1152685,1152696,1152697,1152782,1152788,1152790,1152791,1152885,1152972,1152974,1152975,1153108,1153112,1153158,1153236,1153263,1153476,1153509,1153607,1153628,1153646,1153681,1153713,1153717,1153718,1153719,1153811,1153969,1154043,1154048,1154058,1154108,1154124,1154189,1154242,1154244,1154268,1154354,1154355,1154372,1154521,1154526,1154578,1154601,1154607,1154608,1154610,1154611,1154651,1154737,1154768,1154848,1154858,1154905,1154916,1154956,1154959,1155021,1155061,1155178,1155179,1155184,1155186,1155331,1155334,1155671,1155689,1155692,1155812,1155817,1155836,1155897,1155921,1155945,1156187,1156258,1156259,1156286,1156429,1156462,1156466,1156471,1156494,1156609,1156700,1156729,1156882,1156928,1157032,1157038,1157042,1157044,1157045,1157046,1157049,1157070,1157115,1157143,1157145,1157158,1157160,1157162,1157169,1157171,1157173,1157178,1157180,1157182,1157183,1157184,1157191,1157193,1157197,1157298,1157303,1157304,1157307,1157324,1157333,1157386,1157424,1157463,1157499,1157678,1157698,1157778,1157853,1157895,1157908,1158021,1158049,1158063,1158064,1158065,1158066,1158067,1158068,1158071,1158082,1158094,1158132,1158381,1158394,1158398,1158407,1158410,1158413,1158417,1158427,1158445,1158533,1158637,1158638,1158639,1158640,1158641,1158643,1158644,1158645,1158646,1158647,1158649,1158651,1158652,1158819,1158823,1158824,1158827,1158834,1158893,1158900,1158903,1158904,1158954,1159024,1159096,1159297,1159483,1159484,1159500,1159569,1159841,1159908,1159909,1159910,972655
CVE References: CVE-2017-18595,CVE-2018-12207,CVE-2019-0154,CVE-2019-0155,CVE-2019-10220,CVE-2019-11135,CVE-2019-14821,CVE-2019-14835,CVE-2019-14895,CVE-2019-14901,CVE-2019-15030,CVE-2019-15031,CVE-2019-15213,CVE-2019-15916,CVE-2019-16231,CVE-2019-16232,CVE-2019-16233,CVE-2019-16234,CVE-2019-16746,CVE-2019-16995,CVE-2019-17055,CVE-2019-17056,CVE-2019-17133,CVE-2019-17666,CVE-2019-18660,CVE-2019-18683,CVE-2019-18805,CVE-2019-18808,CVE-2019-18809,CVE-2019-19046,CVE-2019-19049,CVE-2019-19051,CVE-2019-19052,CVE-2019-19056,CVE-2019-19057,CVE-2019-19058,CVE-2019-19060,CVE-2019-19062,CVE-2019-19063,CVE-2019-19065,CVE-2019-19066,CVE-2019-19067,CVE-2019-19068,CVE-2019-19073,CVE-2019-19074,CVE-2019-19075,CVE-2019-19077,CVE-2019-19078,CVE-2019-19080,CVE-2019-19081,CVE-2019-19082,CVE-2019-19083,CVE-2019-19227,CVE-2019-19319,CVE-2019-19332,CVE-2019-19338,CVE-2019-19447,CVE-2019-19523,CVE-2019-19524,CVE-2019-19525,CVE-2019-19526,CVE-2019-19527,CVE-2019-19528,CVE-2019-19529,CVE-2019-19530,CVE-2019-19531,CVE-2019-19532,CVE-2019-19533,CVE-2019-19534,CVE-2019-19535,CVE-2019-19536,CVE-2019-19537,CVE-2019-19543,CVE-2019-19767,CVE-2019-19966,CVE-2019-20054,CVE-2019-20095,CVE-2019-20096,CVE-2019-9456,CVE-2019-9506
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-azure-4.12.14-16.7.1, kernel-source-azure-4.12.14-16.7.1, kernel-syms-azure-4.12.14-16.7.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 37 Swamp Workflow Management 2020-03-05 20:22:37 UTC
SUSE-SU-2020:0599-1: An update that solves 60 vulnerabilities and has 119 fixes is now available.

Category: security (moderate)
Bug References: 1046303,1050244,1051510,1051858,1065600,1065729,1071995,1078248,1083647,1085030,1086301,1086313,1086314,1089644,1090888,1104427,1108043,1113722,1114279,1115026,1117169,1120853,1127371,1134973,1138039,1140948,1141054,1142095,1143959,1144333,1146519,1146544,1151548,1151900,1151910,1151927,1152631,1153811,1153917,1154043,1154058,1154355,1155331,1155334,1155689,1155897,1155921,1156258,1156259,1156286,1156462,1156471,1157038,1157042,1157070,1157143,1157145,1157155,1157157,1157158,1157162,1157169,1157171,1157173,1157178,1157180,1157182,1157183,1157184,1157191,1157193,1157197,1157298,1157303,1157307,1157324,1157333,1157424,1157463,1157499,1157678,1157692,1157698,1157778,1157853,1157908,1158013,1158021,1158026,1158049,1158063,1158064,1158065,1158066,1158067,1158068,1158082,1158094,1158132,1158381,1158394,1158398,1158407,1158410,1158413,1158417,1158427,1158445,1158533,1158637,1158638,1158639,1158640,1158641,1158643,1158644,1158645,1158646,1158647,1158649,1158651,1158652,1158819,1158823,1158824,1158827,1158834,1158893,1158900,1158903,1158904,1158954,1159024,1159028,1159297,1159394,1159483,1159484,1159569,1159588,1159841,1159908,1159909,1159910,1159911,1159955,1160195,1160210,1160211,1160433,1160442,1160476,1160560,1160755,1160756,1160784,1160787,1160802,1160803,1160804,1160917,1160966,1161087,1161514,1161518,1161522,1161523,1161549,1161552,1161674,1161875,1161931,1161933,1161934,1161935,1161936,1161937,1162028,1162067
CVE References: CVE-2019-14615,CVE-2019-14895,CVE-2019-14896,CVE-2019-14897,CVE-2019-14901,CVE-2019-15213,CVE-2019-16994,CVE-2019-18660,CVE-2019-18683,CVE-2019-18808,CVE-2019-18809,CVE-2019-19036,CVE-2019-19045,CVE-2019-19049,CVE-2019-19051,CVE-2019-19052,CVE-2019-19054,CVE-2019-19056,CVE-2019-19057,CVE-2019-19058,CVE-2019-19060,CVE-2019-19062,CVE-2019-19063,CVE-2019-19065,CVE-2019-19066,CVE-2019-19067,CVE-2019-19068,CVE-2019-19073,CVE-2019-19074,CVE-2019-19075,CVE-2019-19077,CVE-2019-19227,CVE-2019-19318,CVE-2019-19319,CVE-2019-19332,CVE-2019-19338,CVE-2019-19447,CVE-2019-19523,CVE-2019-19524,CVE-2019-19525,CVE-2019-19526,CVE-2019-19527,CVE-2019-19528,CVE-2019-19529,CVE-2019-19530,CVE-2019-19531,CVE-2019-19532,CVE-2019-19533,CVE-2019-19534,CVE-2019-19535,CVE-2019-19536,CVE-2019-19537,CVE-2019-19543,CVE-2019-19767,CVE-2019-19965,CVE-2019-19966,CVE-2019-20054,CVE-2019-20095,CVE-2019-20096,CVE-2020-7053
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP4 (src):    kernel-rt-4.12.14-8.12.1, kernel-rt_debug-4.12.14-8.12.1, kernel-source-rt-4.12.14-8.12.1, kernel-syms-rt-4.12.14-8.12.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 38 Swamp Workflow Management 2020-03-09 14:28:03 UTC
SUSE-SU-2020:0613-1: An update that solves 69 vulnerabilities and has 168 fixes is now available.

Category: security (moderate)
Bug References: 1046303,1050244,1051510,1051858,1061840,1065600,1065729,1071995,1078248,1083647,1085030,1086301,1086313,1086314,1089644,1090888,1103989,1103990,1103991,1104353,1104427,1104745,1108043,1109837,1111666,1112178,1112374,1113722,1113956,1113994,1114279,1114685,1115026,1117169,1118661,1119113,1120853,1123328,1126206,1126390,1127354,1127371,1127611,1127682,1129551,1129770,1134973,1134983,1137223,1137236,1138039,1140948,1141054,1142095,1142635,1142924,1143959,1144333,1146519,1146544,1151067,1151548,1151900,1151910,1151927,1152107,1152631,1153535,1153628,1153811,1153917,1154043,1154058,1154243,1154355,1154601,1154768,1154916,1155331,1155334,1155689,1155897,1155921,1156258,1156259,1156286,1156462,1156471,1156928,1157032,1157038,1157042,1157044,1157045,1157046,1157049,1157070,1157115,1157143,1157145,1157155,1157157,1157158,1157160,1157162,1157169,1157171,1157173,1157178,1157180,1157182,1157183,1157184,1157191,1157193,1157197,1157298,1157303,1157304,1157307,1157324,1157333,1157386,1157424,1157463,1157499,1157678,1157692,1157698,1157778,1157853,1157895,1157908,1158013,1158021,1158026,1158049,1158063,1158064,1158065,1158066,1158067,1158068,1158071,1158082,1158094,1158132,1158381,1158394,1158398,1158407,1158410,1158413,1158417,1158427,1158445,1158533,1158637,1158638,1158639,1158640,1158641,1158643,1158644,1158645,1158646,1158647,1158649,1158651,1158652,1158819,1158823,1158824,1158827,1158834,1158893,1158900,1158903,1158904,1158954,1159024,1159028,1159297,1159377,1159394,1159483,1159484,1159500,1159569,1159588,1159841,1159908,1159909,1159910,1159911,1159955,1160147,1160195,1160210,1160211,1160433,1160442,1160469,1160470,1160476,1160560,1160618,1160678,1160755,1160756,1160784,1160787,1160802,1160803,1160804,1160917,1160966,1161087,1161243,1161472,1161514,1161518,1161522,1161523,1161549,1161552,1161674,1161931,1161933,1161934,1161935,1161936,1161937,1162028,1162067,1162109,1162139
CVE References: CVE-2019-14615,CVE-2019-14895,CVE-2019-14896,CVE-2019-14897,CVE-2019-14901,CVE-2019-15213,CVE-2019-16746,CVE-2019-16994,CVE-2019-18660,CVE-2019-18683,CVE-2019-18808,CVE-2019-18809,CVE-2019-19036,CVE-2019-19045,CVE-2019-19046,CVE-2019-19049,CVE-2019-19051,CVE-2019-19052,CVE-2019-19054,CVE-2019-19056,CVE-2019-19057,CVE-2019-19058,CVE-2019-19060,CVE-2019-19062,CVE-2019-19063,CVE-2019-19065,CVE-2019-19066,CVE-2019-19067,CVE-2019-19068,CVE-2019-19073,CVE-2019-19074,CVE-2019-19075,CVE-2019-19077,CVE-2019-19078,CVE-2019-19080,CVE-2019-19081,CVE-2019-19082,CVE-2019-19083,CVE-2019-19227,CVE-2019-19318,CVE-2019-19319,CVE-2019-19332,CVE-2019-19338,CVE-2019-19447,CVE-2019-19523,CVE-2019-19524,CVE-2019-19525,CVE-2019-19526,CVE-2019-19527,CVE-2019-19528,CVE-2019-19529,CVE-2019-19530,CVE-2019-19531,CVE-2019-19532,CVE-2019-19533,CVE-2019-19534,CVE-2019-19535,CVE-2019-19536,CVE-2019-19537,CVE-2019-19543,CVE-2019-19767,CVE-2019-19927,CVE-2019-19965,CVE-2019-19966,CVE-2019-20054,CVE-2019-20095,CVE-2019-20096,CVE-2020-7053,CVE-2020-8428
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP1 (src):    kernel-rt-4.12.14-14.17.1, kernel-rt_debug-4.12.14-14.17.1, kernel-source-rt-4.12.14-14.17.1, kernel-syms-rt-4.12.14-14.17.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    kernel-rt-4.12.14-14.17.1, kernel-rt_debug-4.12.14-14.17.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 40 Swamp Workflow Management 2020-05-12 13:21:02 UTC
SUSE-SU-2020:1255-1: An update that solves 53 vulnerabilities and has 32 fixes is now available.

Category: security (important)
Bug References: 1037216,1075091,1075994,1087082,1087813,1091041,1099279,1120386,1131107,1133147,1136449,1137325,1146519,1146544,1146612,1149591,1153811,1154844,1155311,1155897,1156060,1157038,1157042,1157070,1157143,1157155,1157157,1157158,1157303,1157324,1157333,1157464,1157804,1157923,1158021,1158132,1158381,1158394,1158398,1158410,1158413,1158417,1158427,1158445,1158819,1158823,1158824,1158827,1158834,1158900,1158903,1158904,1159199,1159285,1159297,1159841,1159908,1159910,1159911,1159912,1160195,1162227,1162298,1162928,1162929,1162931,1163971,1164069,1164078,1164846,1165111,1165311,1165873,1165881,1165984,1165985,1167629,1168075,1168295,1168424,1168829,1168854,1170056,1170345,1170778
CVE References: CVE-2017-18255,CVE-2018-21008,CVE-2019-14615,CVE-2019-14895,CVE-2019-14896,CVE-2019-14897,CVE-2019-14901,CVE-2019-15213,CVE-2019-18660,CVE-2019-18675,CVE-2019-18683,CVE-2019-19052,CVE-2019-19062,CVE-2019-19066,CVE-2019-19073,CVE-2019-19074,CVE-2019-19319,CVE-2019-19332,CVE-2019-19447,CVE-2019-19523,CVE-2019-19524,CVE-2019-19525,CVE-2019-19527,CVE-2019-19530,CVE-2019-19531,CVE-2019-19532,CVE-2019-19533,CVE-2019-19534,CVE-2019-19535,CVE-2019-19536,CVE-2019-19537,CVE-2019-19767,CVE-2019-19768,CVE-2019-19965,CVE-2019-19966,CVE-2019-20054,CVE-2019-20096,CVE-2019-3701,CVE-2019-5108,CVE-2019-9455,CVE-2019-9458,CVE-2020-10690,CVE-2020-10720,CVE-2020-10942,CVE-2020-11494,CVE-2020-11608,CVE-2020-11609,CVE-2020-2732,CVE-2020-8647,CVE-2020-8648,CVE-2020-8649,CVE-2020-8992,CVE-2020-9383
Sources used:
SUSE OpenStack Cloud 7 (src):    kernel-default-4.4.121-92.129.1, kernel-source-4.4.121-92.129.1, kernel-syms-4.4.121-92.129.1, kgraft-patch-SLE12-SP2_Update_34-1-3.3.1
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    kernel-default-4.4.121-92.129.1, kernel-source-4.4.121-92.129.1, kernel-syms-4.4.121-92.129.1, kgraft-patch-SLE12-SP2_Update_34-1-3.3.1
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    kernel-default-4.4.121-92.129.1, kernel-source-4.4.121-92.129.1, kernel-syms-4.4.121-92.129.1, kgraft-patch-SLE12-SP2_Update_34-1-3.3.1
SUSE Linux Enterprise Server 12-SP2-BCL (src):    kernel-default-4.4.121-92.129.1, kernel-source-4.4.121-92.129.1, kernel-syms-4.4.121-92.129.1
SUSE Linux Enterprise High Availability 12-SP2 (src):    kernel-default-4.4.121-92.129.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 41 Marcus Meissner 2020-07-03 06:51:31 UTC
released